src/eric7/Plugins/CheckerPlugins/CodeStyleChecker/Security/Checks/insecureSslTls.py

branch
eric7
changeset 11147
dee6e106b4d3
parent 11090
f5f5f5803935
11146:59e04f7003e9 11147:dee6e106b4d3
26 list of codes 26 list of codes
27 @rtype dict 27 @rtype dict
28 """ 28 """
29 return { 29 return {
30 "Call": [ 30 "Call": [
31 (checkInsecureSslProtocolVersion, ("S502",)), 31 (checkInsecureSslProtocolVersion, ("S-502",)),
32 (checkSslWithoutVersion, ("S504",)), 32 (checkSslWithoutVersion, ("S-504",)),
33 ], 33 ],
34 "FunctionDef": [ 34 "FunctionDef": [
35 (checkInsecureSslDefaults, ("S503",)), 35 (checkInsecureSslDefaults, ("S-503",)),
36 ], 36 ],
37 } 37 }
38 38
39 39
40 def checkInsecureSslProtocolVersion(reportError, context, config): 40 def checkInsecureSslProtocolVersion(reportError, context, config):
57 if context.callFunctionNameQual == "ssl.wrap_socket": 57 if context.callFunctionNameQual == "ssl.wrap_socket":
58 if context.checkCallArgValue("ssl_version", insecureProtocolVersions): 58 if context.checkCallArgValue("ssl_version", insecureProtocolVersions):
59 reportError( 59 reportError(
60 context.getLinenoForCallArg("ssl_version") - 1, 60 context.getLinenoForCallArg("ssl_version") - 1,
61 context.getOffsetForCallArg("ssl_version"), 61 context.getOffsetForCallArg("ssl_version"),
62 "S502.1", 62 "S-502.1",
63 "H", 63 "H",
64 "H", 64 "H",
65 ) 65 )
66 66
67 elif context.callFunctionNameQual == "pyOpenSSL.SSL.Context": 67 elif context.callFunctionNameQual == "pyOpenSSL.SSL.Context":
68 if context.checkCallArgValue("method", insecureProtocolVersions): 68 if context.checkCallArgValue("method", insecureProtocolVersions):
69 reportError( 69 reportError(
70 context.getLinenoForCallArg("method") - 1, 70 context.getLinenoForCallArg("method") - 1,
71 context.getOffsetForCallArg("method"), 71 context.getOffsetForCallArg("method"),
72 "S502.2", 72 "S-502.2",
73 "H", 73 "H",
74 "H", 74 "H",
75 ) 75 )
76 76
77 elif ( 77 elif (
80 ): 80 ):
81 if context.checkCallArgValue("method", insecureProtocolVersions): 81 if context.checkCallArgValue("method", insecureProtocolVersions):
82 reportError( 82 reportError(
83 context.getLinenoForCallArg("method") - 1, 83 context.getLinenoForCallArg("method") - 1,
84 context.getOffsetForCallArg("method"), 84 context.getOffsetForCallArg("method"),
85 "S502.3", 85 "S-502.3",
86 "H", 86 "H",
87 "H", 87 "H",
88 ) 88 )
89 89
90 elif context.checkCallArgValue("ssl_version", insecureProtocolVersions): 90 elif context.checkCallArgValue("ssl_version", insecureProtocolVersions):
91 reportError( 91 reportError(
92 context.getLinenoForCallArg("ssl_version") - 1, 92 context.getLinenoForCallArg("ssl_version") - 1,
93 context.getOffsetForCallArg("ssl_version"), 93 context.getOffsetForCallArg("ssl_version"),
94 "S502.3", 94 "S-502.3",
95 "H", 95 "H",
96 "H", 96 "H",
97 ) 97 )
98 98
99 99
118 val = default.split(".")[-1] 118 val = default.split(".")[-1]
119 if val in insecureProtocolVersions: 119 if val in insecureProtocolVersions:
120 reportError( 120 reportError(
121 context.node.lineno - 1, 121 context.node.lineno - 1,
122 context.node.col_offset, 122 context.node.col_offset,
123 "S503", 123 "S-503",
124 "M", 124 "M",
125 "M", 125 "M",
126 ) 126 )
127 127
128 128
146 # It returns None if the argument passed doesn't exist. This 146 # It returns None if the argument passed doesn't exist. This
147 # tests for that (ssl_version is not specified). 147 # tests for that (ssl_version is not specified).
148 reportError( 148 reportError(
149 context.node.lineno - 1, 149 context.node.lineno - 1,
150 context.node.col_offset, 150 context.node.col_offset,
151 "S504", 151 "S-504",
152 "L", 152 "L",
153 "M", 153 "M",
154 ) 154 )
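Review bot: Saved select/ignore lists and in-source suppression markers that still spell these codes `S502`, `S503` and `S504` are not handled by anything visible in this section, which switches to the `S-502` form in the registration dict (file lines 31–35) and in every `reportError` call. If filters are matched by string (presumably; the dispatcher is not shown), a stale ignore entry merely brings findings back, but a stale select-only entry would silently stop the SSL/TLS checks from being reported. Please confirm that a settings migration or an alias for the old spelling ships with this changeset. I would also add a comment above the returned dict, `# Codes use the "S-NNN" form; sub-codes passed to reportError ("S-502.1", ...) must keep the registered prefix.`, so the two places stay in step. The function bodies are only partly shown here (for example file lines 41–56 and 78–79 are elided), so this is based on the visible lines only.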
